Allele Security Alert
CRLF injections in HTTP client APIs
Twisted Matrix Laboratories
Twisted versions before 19.2.1
Proof of concept
Twisted’s HTTP client APIs were vulnerable to maliciously constructed HTTP methods, hosts, and/or paths, URI components such as paths and query parameters.
Twisted 19.2.1 Released
[Twisted-Python] [SECURITY] Twisted 19.2.1 Release Announcement
Prevent CRLF injections described in CVE-2019-12387
If there is any error in this alert or you wish a comprehensive analysis, let us know.
Last modified: June 10, 2019